Cloud computing is the use of computing resources, including hardware and software, that are delivered as a service over a network, typically the Internet. As cloud computing achieves increased popularity and adoption of cloud-based services by businesses increases, concerns over security and risks of using these cloud-based services become significant. Traditionally, systems and software applications were deployed in enterprise environments, such as within an enterprise's own private data network, with strict controls and policies to ensure that data and usage are compliant with the enterprise's standards. However, the adoption of cloud-based services offered by third parties creates a potential mismatch, or complete absence, of expected enterprise level controls. Enterprises are faced with the challenge of accessing risk exposure associated with the use of cloud-based services in order to apply compensating controls.
In particular, an enterprise may adopt the use of one or more cloud-based services to support its business operation. Meanwhile, the users of the enterprise may access these cloud-based services from various locations, at or outside the enterprise's primary business locations. The enterprise is faced with the challenge of accessing risk exposure associated with the use of these cloud-based services where the users of the enterprises are located at a myriad of diverse locations.